General
-
Target
impormasyon #PK03016350.doc
-
Size
225KB
-
Sample
230315-vhfggsge8w
-
MD5
3845abf7b760cfad84c6ff2b171baf11
-
SHA1
f8abcf035042ac2fa8e9c8f371b194b187592c08
-
SHA256
9aabec7933de24943ec1ceb8ad895cecabc33d39bb3aff928987ffc948402610
-
SHA512
b69c53b6ded187b25ea27054acab625eb10adc6e6d602662084b00b68a5d6144ab3c8d8981c8a6729f4f87bf19b8c4dcdfd809721af6ac2d3f7555ea8cd3a814
-
SSDEEP
3072:f4PrXcuQuvpzm4bkiaMQgAlSUlK4fbSpAA:QDRv1m4bnQgISSKQepAA
Behavioral task
behavioral1
Sample
impormasyon #PK03016350.doc
Resource
win10v2004-20230220-en
Malware Config
Extracted
Targets
-
-
Target
impormasyon #PK03016350.doc
-
Score
10/10
-
Process spawned unexpected child process
This typically indicates the parent process was compromised via an exploit or macro.
-
Blocklisted process makes network request
-